Event Log Explorer 4.6.1.2115 – Remote Code Execution

An arbitrary remote code execution vulnerability has been discovered in the official Event Log Explorer software. Event Log Explorer allows the execution of arbitrary code via a file named « radmin32.dll » just create a file with an extension (.elx) and inserted it into a share folder that contains the « radmin32 » DLL. dll « the victim will click on the file (.elx) that opens by default with the Event Log Explorer software and the arbitrary DLL will run on the system.